<?php

/*------------------------------------------------
*
*   Explay Engine Content Management System.
*   Copyright © 2008 Golovdinov Alexander.
*
*-------------------------------------------------
*
*   Official site: wwww.alex-home.spb.ru/explay.html
*   Contact e-mail: golovdinov@gmail.com
*
*   GNU General Public License original source:
*   http://www.gnu.org/licenses/gpl-3.0.html
*
------------------------------------------------*/

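// Stop unless the EXPLAY constant is defined (presumably set by the engine's entry point),
// so the file does nothing when requested directly.
if (!defined ('EXPLAY')) exit;

// Feedback module settings, read with a single fetch_array() call.
$feedback = $db->fetch_array ($db->query ("SELECT * FROM ".DB_PEREFIX."_feedback"));

// Optional recipient selector: one <option> per administrator plus the site address.
if ($feedback['select_admins'] == 'on') {
	// NOTE(review): this block reads $SITE['site_mail'], while the POST handler further down
	// compares against $SITE['site_email'] -- confirm which key the configuration defines.
	$site_mail_html = htmlspecialchars ((string) $SITE['site_mail'], ENT_QUOTES, 'UTF-8');

	$get_admins = $db->query ("SELECT user_id, user_name FROM ".DB_PEREFIX."_users WHERE user_group = 'admin' ORDER BY user_id");
	$admins = "
	<tr>
		<td align=\"right\">Кому:</td><td><select name=\"mail\" class=\"form\">";
	if ($get_admins) {
		while (list($id, $name) = $db->fetch_row($get_admins)) {
			// Stored values are escaped for the HTML context they land in, so a user name
			// containing markup or quotes is rendered as text instead of being parsed.
			$admins .= "\n<option value=\"".htmlspecialchars ((string) $id, ENT_QUOTES, 'UTF-8')."\">Администратор: ".htmlspecialchars ((string) $name, ENT_QUOTES, 'UTF-8')."</option>";
		}
	}
	// The site address is offered whether or not the admin query succeeded. It is appended,
	// not assigned: assigning here used to discard the opening <tr>/<select> and left a
	// stray <option> followed by closing tags.
	$admins .= "\n<option value=\"".$site_mail_html."\">E-mail сайта</option>";
	$admins .= "</select></td>
	</tr>\n";
}
// Selector disabled: no recipient field is rendered at all.
else $admins = '';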


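// Build the feedback form markup into $form.
// Every dynamic value (profile e-mail, configured subjects, the previously posted text)
// is HTML-escaped with ENT_QUOTES before it is placed in an attribute or element body.
// NOTE(review): `maxleigth` in the inputs below is not a valid attribute (presumably
// `maxlength` was meant), so browsers apply no length limit to these fields and the
// server-side length checks are the only limit.
$form = "<form name=\"send\" style=\"margin:0px\" method=\"post\" action=\"/feedback/\">
<table cellspacing=\"0\" cellpadding=\"2\" width=\"100%\">
	$admins";
if ($feedback['user_email'] == 'on') {
	// Pre-fill with the visitor's profile address when one is available.
	$known_mail_html = isset ($GLOBAL_USER['user_email']) ? htmlspecialchars ((string) $GLOBAL_USER['user_email'], ENT_QUOTES, 'UTF-8') : '';
	$form .= "
	<tr>
		<td align=\"right\">Ваш e-mail:</td><td><input type=\"text\" maxleigth=\"40\" name=\"user_mail\" style=\"width:60%\" class=\"form\" value=\"".$known_mail_html."\"></td>
	</tr>\n";
}
else {
	$form .= "
	<tr>
		<td align=\"right\">Ваше имя:</td><td><input type=\"text\" maxleigth=\"40\" name=\"user_name\" style=\"width:60%\" class=\"form\" value=\"\"></td>
	</tr>\n";
}
if ($feedback['titles'] == '') {
	// No predefined subjects: free-text subject field.
	$form .= "
	<tr>
		<td align=\"right\">Тема:</td><td><input type=\"text\" maxleigth=\"40\" name=\"title\" style=\"width:60%\" class=\"form\"></td>
	</tr>";
}
else {
	// Predefined subjects, one per line in the settings, rendered as radio buttons.
	$form .= "
	<tr>
		<td align=\"right\" valign=\"top\">Тема:</td><td>";
	$titles = $feedback['titles'];
	$titles = explode ("\n", $titles);
	foreach ($titles as $title) {
		// explode() already removed "\n"; what can remain is the "\r" of a CRLF line ending,
		// which would otherwise end up inside the value that is later used as the subject.
		$title = trim ($title, "\r\n");
		if ($title == '') continue; // blank line in the settings: no empty radio button
		$title_html = htmlspecialchars ($title, ENT_QUOTES, 'UTF-8');
		$form .= "\n\t\t\t<input type=\"radio\" name=\"select_title\" value=\"$title_html\" id=\"$title_html\" /> <label for=\"$title_html\">$title_html</label><br />";
	}
	$form .= "
		</td>
	</tr>";
	if ($feedback['user_title'] == 'on') $form .= "
	<tr>
		<td align=\"right\">Другая тема:</td><td><input type=\"text\" maxleigth=\"40\" name=\"user_title\" style=\"width:60%\" class=\"form\"></td>
	</tr>";
}
// The submitted message is put back into the textarea after a failed or completed send.
// It is request data, so it is escaped: text such as a closing </textarea> tag is then
// displayed literally instead of ending the element and being parsed as markup.
// A missing field or a non-string value (text[]=...) is shown as an empty textarea.
$posted_text_html = (isset ($_POST['text']) && is_string ($_POST['text'])) ? htmlspecialchars ($_POST['text'], ENT_QUOTES, 'UTF-8') : '';
$form .= "
	<tr>
		<td align=\"right\" valign=\"top\">Текст:</td><td><textarea name=\"text\" class=\"form\" style=\"width:90%\" rows=\"10\">".$posted_text_html."</textarea></td>
	</tr>
	<tr>
		<td align=\"right\">Код:</td><td><img src=\"/antibot.gif\" align=\"absmiddle\"> <input class=\"form\" size=\"5\" type=\"text\" name=\"code\" maxlength=\"5\" value=\"\"></td>
	</tr>
	<tr>
		<td colspan=\"2\" align=\"center\"><input type=\"submit\" style=\"width:160px\" class=\"button\" value=\"Отправить\"></td>
	</tr>
</table>
</form>";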

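// Request handling: show the empty form, or validate the submission and send the e-mail.
if (!isset($_POST['text'])) {
	past_table ("Форма обратной связи", $form);
}
else {
	// Read every expected field as a string. A missing field or an array value
	// (e.g. text[]=...) becomes '' and is then rejected by the checks below.
	$post = array ('mail' => '', 'user_mail' => '', 'user_name' => '', 'title' => '', 'text' => '', 'select_title' => '', 'user_title' => '', 'code' => '');
	foreach ($post as $key => $ignored) {
		if (isset ($_POST[$key]) && is_string ($_POST[$key])) $post[$key] = $_POST[$key];
	}

	$id_ = trim (strip_tags ($post['mail']));
	$ip = $_SERVER['REMOTE_ADDR'];
	$user_mail = strip_tags ($post['user_mail']);
	$title = strip_tags (trim ($post['title']));
	$text = strip_tags ($post['text']);
	$select_title = strip_tags ($post['select_title']);
	$user_title = strip_tags ($post['user_title']);

	$error = "";

	// Recipient. The site address is the default; an administrator is looked up only when
	// the selector is enabled and something other than the site address was chosen.
	// NOTE(review): the selector markup above emits $SITE['site_mail'] as the option value,
	// while this block uses $SITE['site_email'] -- confirm which key the configuration defines.
	$mail = $SITE['site_email'];
	if ($feedback['select_admins'] == "on" && $post['mail'] != $SITE['site_email']) {
		// strip_tags() does not make a value safe for SQL. Only an all-digit id is ever placed
		// in the query; anything else is reported as an unknown administrator.
		// Assumes user_id is an integer key -- confirm against the schema.
		$admin = false;
		if (preg_match ('/^[0-9]{1,10}\z/', $id_)) {
			$get_admin = $db->query ("SELECT user_email FROM ".DB_PEREFIX."_users WHERE user_group = 'admin' AND user_id = '$id_'");
			if ($db->num_rows($get_admin) == 1) $admin = $db->fetch_array ($get_admin);
		}
		if ($admin) $mail = $admin['user_email'];
		else $error .= "<li>Нет такого администратора";
	}

	if ($feedback['user_email'] == "on") {
		// The address is copied into the From header below, so the pattern has to match the
		// whole string: \z (unlike $) does not accept a trailing newline, which keeps line
		// breaks out of the header. preg_match() also replaces eregi(), removed in PHP 7.0.
		if (!preg_match ('/^[a-z0-9._-]+@[a-z0-9._-]+\.[a-z]{2,4}\z/i', $user_mail) || mb_strlen($user_mail) > 50) $error .= "<li>Неправильный формат e-mail";
		$user_name = "\nE-mail отправителя: $user_mail";
	}
	else {
		// Free-text sender name: tags removed, kept on one line, capped at the 40 characters
		// the form markup states for this field.
		$sender = str_replace (array ("\r", "\n"), ' ', strip_tags ($post['user_name']));
		$user_name = "От имени: ".mb_substr ($sender, 0, 40);
		$user_mail = $SITE['site_email'];
	}

	if ($feedback['titles'] == "") {
		if ($title == "") $error .= "<li>Не заполнена тема";
		if (mb_strlen($title) > 60) $error .= "<li>Слишком длинная тема";
	}
	else {
		if ($select_title == "" && $user_title == "") $error .= "<li>Не заполнена тема";
		if (mb_strlen($select_title) > 60 || mb_strlen($user_title) > 60) $error .= "<li>Слишком длинная тема";

		// A custom subject, when given, wins over the selected predefined one.
		if ($select_title != "") $title = $select_title;
		if ($user_title != "") $title = $user_title;
	}

	// The title becomes the Subject header; CR/LF have no place there, so they are replaced
	// before the value reaches mail().
	$title = str_replace (array ("\r", "\n"), ' ', $title);

	if (mb_strlen($title) > 50) $error .= "<li>Слишком длинная тема сообщения";
	if ($text == "") $error .= "<li>Не заполнено текстовое поле";
	if (mb_strlen($text) > 1024) $error .= "<li>Слишком длинное сообщение";
	if ($SITE['bot_protect'] == "yes") {
		// A session without a stored code must fail the check: with a loose comparison an
		// unset session value equals an empty "code" field and the test would pass.
		$expected = (isset ($_SESSION['secret_code']) && is_scalar ($_SESSION['secret_code'])) ? (string) $_SESSION['secret_code'] : '';
		if ($expected === '' || $expected !== $post['code']) $error .= "<li>Неверный код";
		// NOTE(review): the code stays valid after this check. Consider clearing it here once
		// it is confirmed that /antibot.gif issues a fresh code on every request.
	}

	if ($error == '') {
		$sent = mail(
			$mail,
			$title,
			mail_body ($text, $user_name, $ip, $title),
			"From: $user_mail <$user_mail>\nContent-Type: text/plain; charset=\"utf-8\"\nContent-Transfer-Encoding: 8bit\n"
		);
		if ($sent) site_message ("Письмо отправлено!");
		else site_error ("Ошибка при отправлении письма!");
	}
	else site_error ($error);

	// The form is shown again after every outcome.
	past_table ("Форма обратной связи", $form);
}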


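/**
 * Assemble the plain-text body of a feedback e-mail.
 *
 * @param string $text      Message text entered by the visitor.
 * @param string $user_name Sender line prepared by the caller; it is added under the
 *                          separator when not empty (it used to be accepted but never
 *                          written, so the recipient could not see who sent the message).
 * @param string $ip        Sender address supplied by the caller.
 * @param string $title     Not used in the body; the caller passes the subject to mail() itself.
 * @return string Message text followed by CRLF-separated footer lines.
 */
function mail_body ($text, $user_name, $ip, $title) {

	// Host is a request header chosen by the client. Only a well-formed host[:port] is
	// written into the message; anything else (spaces, line breaks, extra text) drops the
	// link line. A syntactically valid value is still client-chosen, so a configured site
	// URL would be the better source if the engine provides one.
	$host = isset ($_SERVER['HTTP_HOST']) ? (string) $_SERVER['HTTP_HOST'] : '';
	if (!preg_match ('/^(\[[0-9a-f:.]+\]|[a-z0-9.-]+)(:[0-9]{1,5})?\z/i', $host)) $host = '';

	// The caller's sender line may start with a newline; normalise it to a single line entry.
	$sender = trim ((string) $user_name);

	$body =
		"$text".
		"\r\n------------------------------------".
		($sender !== '' ? "\r\n".$sender : '').
		"\r\nПисьмо отправлено ".date("j.m.Y в H:i")." c ip: $ip".
		($host !== '' ? "\r\nhttp://".$host : '');

	return $body;
}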
